Over the next decade, the Internet of Things (“IoT”) will have a huge impact across industries for delivery of critical services. By the year 2020 it has been forecasted that there will be over 50 billion connected devices. IoT objects have the ability to transfer data and interact with their physical environment without requiring any human interaction. Paradoxically, however, the very principle that makes IoT so powerful can also create a huge security threat. The impact of the IoT on cybersecurity is expected to be profound and is expected to challenge the ability to deliver adequate security in IoT-enabled devices, networks, commercial operations, partner ecosystems, etc.
Cybersecurity is a business-wide issue—not just a technology risk. With the up-coming mass deployment of connected IoT devices, the boundaries between an organization and the outside world will be effectively removed. IoT devices and connections between devices will therefore become targets for cyberattacks, data eavesdropping, fake measurement injection, and/or incorrect commands, etc. In that context, user safety and privacy is at risk. Lack of security is an important obstacle to the adoption of IoT.
But securing IoT solutions raises several technical challenges because, among other things, the general trend for IoT solutions is toward deploying less expensive devices with less processing capabilities (e.g. CPU, RAM, battery, communication protocols, etc.). Device processing capabilities have a direct impact on the security capabilities that implement security solutions such as encryption, secure data storage, and/or digital signatures, etc.